package news.action;

import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.Date;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import news.biz.UsersBiz;
import news.entity.Users;

/**
 * 用户的控制器
 * @author Administrator
 *
 */
@WebServlet(name="UsersAction", urlPatterns="/users.do")
public class UsersAction extends HttpServlet {
	private static final long serialVersionUID = 1L;
	
	/**
	 * 用户的业务逻辑类
	 */
	private UsersBiz usersBiz;
	/**
	 * session对象
	 */
	private HttpSession session;

	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// 实例化session对象
		session = request.getSession();
		// 获取op参数
		String op = request.getParameter("op");
		// 获得方法返回的页面名
		String url = "";
		switch ( op ) {
			case "login":	// 如果是登录
				url = userLogin(request, response);
				break;
			case "modify":
				url = userModify(request, response);
				break;
			case "reset":
				url = userReset(request,response);
				break;
			case "logout":
				url = userLogout(request,response);
				break;
			default:
				url = "error.jsp";
				break;
		}
		
		// 进行统一跳转
		request.getRequestDispatcher("WEB-INF/pages/" + url).forward(request, response);
	}

	/**
	 * 用户注销
	 * @param request
	 * @param response
	 * @return
	 */
	private String userLogout(HttpServletRequest request, HttpServletResponse response) {
		session.invalidate();
		return "login.jsp";
	}

	/**
	 * 修改密码
	 * @param request
	 * @param response
	 * @return
	 */
	private String userReset(HttpServletRequest request, HttpServletResponse response) {
		String oldpwd = request.getParameter("oldpwd");
		String newpwd = request.getParameter("newpwd");
		
		Users user = (Users)session.getAttribute("user");
		boolean flag = usersBiz().equalsOldPwd(oldpwd, user.getId());
		if ( flag ) {
			if ( usersBiz().resetUserPwd(newpwd, user.getId()) ) {
				return "login.jsp";
			} else {
				request.setAttribute("error", "修改密码失败，请稍后再试！");
				return "manage.jsp?include=reset.jsp";
			}
		} else {
			request.setAttribute("error", "原始密码不正确");
			return "manage.jsp?include=reset.jsp";
		}
	}

	/**
	 * 跳转到用户密码修改页面
	 * @param request
	 * @param response
	 * @return
	 */
	private String userModify(HttpServletRequest request, HttpServletResponse response) {
		return "manage.jsp?include=reset.jsp";
	}

	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		doGet(request, response);
	}
	
	/**
	 * 验证用户登录方法
	 * @param request
	 * @param response
	 * @throws ServletException
	 * @throws IOException
	 */
	private String userLogin(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// 获得请求参数
		String uname = request.getParameter("username");
		String upwd = request.getParameter("password");
		
		Users user = usersBiz().userLogin(uname, upwd);
		
		if ( user == null ) {
			request.setAttribute("error", "ok");
			return "login.jsp";
		} else {	// 登录成功！
			session.setAttribute("user", user);
			// 获得客户端的IP地址
			String ip = request.getRemoteAddr();
			// 获得当前的系统时间
			String time = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss").format(new Date());
			// 将ip和系统时间存入session中
			session.setAttribute("ip", ip);
			session.setAttribute("time", time);
			return "manage.jsp?include=welcome.jsp";
		}
 	}

	/**
	 * 获取UsersBiz的方法
	 * @return
	 */
	private UsersBiz usersBiz() {
		if ( usersBiz == null ) {
			usersBiz = new UsersBiz();
		} 
		return usersBiz;
	}
}
